697 matches found
Design/Logic Flaw
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks...
CVE-2013-4184
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks...
CVE-2013-4184
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks...
CVE-2013-4184
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks...
[SECURITY] Fedora 28 Update: znc-1.7.1-1.fc28
ZNC is an IRC bouncer with many advanced features like detaching, multiple users, per channel playback buffer, SSL, IPv6, transparent DCC bouncing, Perl and C++ module support to name a few...
DEBIAN-CVE-2018-9246
The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create, runfile, backup, or restore function. The vulnerability...
UBUNTU-CVE-2018-9246
The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create, runfile, backup, or restore function. The vulnerability...
PGObject::Util::DBAdmin shell code injection vulnerability
LedgerSMB is an open source ERP, financial management system written and maintained by software developer Dieter Simader. The system is a branch of SQL-Ledger financial management software.PGObject::Util::DBAdmin is one of the modules used to manage PGObject. A security vulnerability exists in...
Fedora Update for perl-Module-CoreList FEDORA-2018-0050f7c0d1
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 26 Update: perl-Module-CoreList-5.20180414-1.fc26
Module::CoreList provides information on which core and dual-life modules are shipped with each version of perl...
Fedora Update for perl-Module-CoreList FEDORA-2018-1c8b49fbc7
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Zonemaster Web GUI Cross-Site Scripting Vulnerability
Zonemaster Web GUI is an open source Web graphical user interface in the Zonemaster project . A cross-site scripting vulnerability exists in the lib/Zonemaster/GUI/Dancer/Export.pm file in Zonemaster Web GUI. A remote attacker can exploit this vulnerability to inject arbitrary Web script or HTML...
MGASA-2017-0439 Updated perl-Catalyst-Plugin-Static-Simple package fixes security vulnerability
The Catalyst-Plugin-Static-Simple module before 0.34 for Perl allows remote attackers to read arbitrary files if there is a '.' character anywhere in the pathname, which differs from the intended policy of allowing access only when the filename itself has a '.' character CVE-2017-16248...
USN-3494-1 libxml-libxml-perl vulnerability
It was discovered that XML::LibXML incorrectly handled memory when processing a replaceChild call. A remote attacker could possibly use this issue to execute arbitrary code...
DEBIAN-CVE-2017-16248
The Catalyst-Plugin-Static-Simple module before 0.34 for Perl allows remote attackers to read arbitrary files if there is a '.' character anywhere in the pathname, which differs from the intended policy of allowing access only when the filename itself has a '.' character...
[SECURITY] Fedora 26 Update: perl-Image-SubImageFind-0.03-13.fc26
Perl module to aide in locating a sub-image within an image...
UBUNTU-CVE-2017-10788
The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service use-after-free and application crash or possibly have unspecified other impact by triggering 1 certain error responses from a MySQL server or 2 a loss of a network connection to a MySQL server. The...
DEBIAN-CVE-2017-10789
The DBD::mysql module through 4.043 for Perl uses the mysqlssl=1 setting to mean that SSL is optional even though this setting's documentation has a "your communication with the server will be encrypted" statement, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrad...
UBUNTU-CVE-2017-10789
The DBD::mysql module through 4.043 for Perl uses the mysqlssl=1 setting to mean that SSL is optional even though this setting's documentation has a "your communication with the server will be encrypted" statement, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrad...
UBUNTU-CVE-2017-10672
Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call...